vmware windows servers vlan
Hi, we have one VMware ESXi host v6, and have two w2012 R2 web servers on it, we have given them different local subnet IPs but want to know if there are some VMware specific security we can use / vlan / firewall / switch etc, to separate them into effectively their own dmz, they are used externally by clients for websites, so they share the same internet connection, and as they are the same single host physical server, they share the same NIC.
is there anything with VMware we use to lock them down from each other more?
is there anything with VMware we use to lock them down from each other more?
ASKER
ok that does mean we need a physical switch with the VLANs set up as well? we don't have that in this environment.
Also we do not have a license on the ESXi host (yet) its on the free version. So no vSphere server either.
I should have mentioned this is the free version, we do have the paid for version on another network, but that does not help here.
this host is the only physical host on a spare fibre line we have for wireless clients in the office, that's why I want to lock the web servers down (from each other) as well.
sorry if I did not make that clear.....
Also we do not have a license on the ESXi host (yet) its on the free version. So no vSphere server either.
I should have mentioned this is the free version, we do have the paid for version on another network, but that does not help here.
this host is the only physical host on a spare fibre line we have for wireless clients in the office, that's why I want to lock the web servers down (from each other) as well.
sorry if I did not make that clear.....
Okay, if you do not have a physical switch with VLANS, then there is not much further isolation, that you can do, that you have not already done, with different IP Address allocations, and subnets.
VMware vSphere Hypervisor or ESXi both supports VLANs (free and licensed).
VMware vSphere Hypervisor or ESXi both supports VLANs (free and licensed).
ASKER
Hi, ok thanks for that Andrew, one thing we did think of was, there are two physical NICs on the host (HPDL360G5) currently we are only using one, there is a 8 port gigabit switch next to the server, could we use both NICs and specify two "networks" in vSphere client?
is that something we could then use to further isolate ?
is that something we could then use to further isolate ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ok thanks Andrew.
You would connecy each VM to a virtual machine portgroup with the VLAN Tag number, and then your vSwitch would need to be connected to a network trunk, with the tagged vLANS, configured in the physical switch for your network ports on the switch.